use-after-free and memory corruption

🗓️ 27 Jan 2026 00:00:00Reported by Broadcom Security ResponseType

broadcom

broadcom🔗 support.broadcom.com👁 11 Views

Use-after-free and memory corruption in tcpmss_mangle_packet of xt_TCPMSS may allow remote DoS via iptables.

Reporter	Title	Published	Views	Family All 170
IBM Security Bulletins	Security Bulletin: IBM QRadar Network Security is affected by Linux kernel vulnerabilities	25 Jul 201814:35	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Kernel affect Power Hardware Management Console	22 Sep 202123:05	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in the Linux kernel affect IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products	29 Mar 202301:48	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Security Vulnerabilities have been fixed in IBM Security Privileged Identity Manager Appliance.	17 Sep 201915:34	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Security vulnerabilities have been fixed in the IBM Security Access Manager Appliance	9 Jan 201922:10	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in the Linux kernel affect the IBM FlashSystem models V840 and V9000	11 Nov 201915:20	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in the Linux kernel affect PowerKVM	6 Jul 201823:49	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in the Linux kernel affect the IBM FlashSystem 840 and 900	18 Feb 202301:45	–	ibm
Arista	Security Advisory 0034	2 May 201800:00	–	arista
Tenable Nessus	Arista Networks tcpmss_mangle_packet DoS (SA0034)	24 Feb 202000:00	–	nessus

27 Jan 2026 19:10Current

7.3High risk

Vulners AI Score7.3

CVSS 3.19.8

EPSS0.3431

use after free memory corruption xt_TCPMSS linux kernel iptables action